package com.itheima.config;

import com.alibaba.fastjson.JSON;
import com.sun.prism.impl.BaseContext;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.AntPathMatcher;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebFilter(urlPatterns = "/*")
@Slf4j
public class LoginCheckFilter implements Filter {

    // 配置路径的类
    AntPathMatcher antPathMatcher = new AntPathMatcher();

    /**
     * 未登录的安全校验
     * @param servletRequest
     * @param servletResponse
     * @param filterChain
     * @throws IOException
     * @throws ServletException
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
                         FilterChain filterChain) throws IOException, ServletException {

        // 需要调用Http中getRequestURI的方法 所以强转
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;

        // 获取网页地址的路径
        String requestURI = httpServletRequest.getRequestURI();

        // 不用过滤的路径
        String[] loginUrls = {
                "/employee/login",
                "/employee/logout",
                "/backend/**",
                "/front/**",

                // 客户端放行的
                "/user/sendMsg",
                "/user/login"

        };

        //4-2、判断登录状态，如果已登录，则直接放行 setCurrentId
        if(httpServletRequest.getSession().getAttribute("user") != null){

            Long userId = (Long) httpServletRequest.getSession().getAttribute("user");
            ThreadLocals.setthread(userId);

            filterChain.doFilter(httpServletRequest,httpServletResponse);
            return;
        }

        // 对集合路径中的每个路径进行判断的方法
        boolean check = check(loginUrls, requestURI);

        //判断 check 是否需要放行
        // 这个参数传递Htrtp 是因为后续 需要用session的方法
        if (check){
            log.info("本次请求{}不需要处理",requestURI);
            // 路径是可以过滤的  这里放行
            filterChain.doFilter(httpServletRequest,httpServletResponse);
            return;
        }

        //通过 登录时候传给Session的one，这里通过one这个名字获取到ID
       Long one = (Long) httpServletRequest.getSession().getAttribute("one");

        //这里把 One ID 传到线程 中的Map中 方便后面菜品管理添加数据时候动态获取不同的人进行setCategory类中的字段
        ThreadLocals.setthread(one);

        // 对ID进行判断是否存在
        if (one != null){
            // 获取到ID了 所以已经登录过了,所以放行
            filterChain.doFilter(httpServletRequest,httpServletResponse);
            return;
        }

        // 没有登录  也不是可以放行的路径，非法访问 返回错误信息，返回给前端NOTLOGIN 错误信息
        httpServletResponse.getWriter().write(JSON.toJSONString(R.error("NOTLOGIN")));
        return;
    }


    // 对集合路径中的每个路径进行判断
    private boolean check(String[] loginUrls,String requestURI){
        for (String loginUrl : loginUrls) {
            boolean match = antPathMatcher.match(loginUrl, requestURI);
            if (match){
                return true;
            }
        }
        return false;
    }

}
